Core network, user equipment, and communication control method for device to device communication

ABSTRACT

A communications system is provided. A network device controls the setting up of a device to device communication link, as sent between a device in the core network and the base station(s) servicing the relevant mobile devices, including disclosure of the common security information for two mobile devices to communicate securely over the direct device to device communications link.

TECHNICAL FIELD

The present invention relates to a communications system and to partsand methods thereof. The invention has particular but not exclusiverelevance to wireless communications systems and devices thereofoperating according to the 3GPP standards or equivalents or derivativesthereof.

BACKGROUND ART

Wireless communications systems enable users of User Equipment (UE) tocommunicate with other such users via one of a number of base stationsand a core network. Typically, the UEs are mobile terminals, such ascellular telephones and the like. In an active or connected state a UEis registered with the network and has a Radio Resource Control (RRC)connection with a base station so that the network knows to which basestation (or cell thereof) the UE belongs and can transmit data to andreceive data from the UE. The base station (i.e. the serving cell)provides mobility information and security parameters for the userequipment. The UE also establishes a default Evolved Packet System (EPS)Bearer to an endpoint beyond the base station, typically a gateway, inthe Enhanced Packet Core (EPC) network, or core network for short. AnEPS Bearer defines a transmission path through the network and assignsan IP address to the UE, at which it can be reached by othercommunication devices, such as another UE. An EPS Bearer also has a setof data transmission characteristics, such as quality of service, datarate and flow control parameters, which are defined by the subscriptionassociated with the UE and are established by the Mobility ManagementEntity (MME) upon registration of the UE with the network.

The EPS Bearer is thus managed by the MME, which signals to the UE whenit needs to activate, modify, or deactivate a particular EPS Bearer.Thus there are always two connections between the UE and thecommunication network: one for the user data transmitted using theestablished EPS bearer (also known as the user plane) and another onefor managing the EPS Bearer itself (also known as the control plane).

As part of the Long Term Evolution (LTE) of UTRAN (UMTS TerrestrialRadio Access Network) referred to as E-UTRAN, there are plans tointroduce a feature of direct device-to-device (D2D) communication whenthe UE can communicate user data to another UE that is within thetransmission range of the first UE without the need to use LTE networkresources. This direct communication would result in better utilizationof the available resources, especially on the radio interface, wherethese are limited.

SUMMARY OF INVENTION Technical Problem

However, the D2D communication has to remain under the networkoperator's control thus when setting up such direct radio bearers, it isnot enough to consider the signalling between the UE and the network butthe signalling between E-UTRAN and EPC as well.

Furthermore, a problem with using a D2D communication path is thatconventional security procedures cannot be re-used because in this casethe user equipment would have to share their security keys with eachother in order to be able to encrypt the user data exchanged betweenthem. The inventors have realised that using either user equipment'ssecurity key (i.e. the one that is normally used by the base station) toencrypt the D2D user plane data would make it possible for the otheruser equipment to eavesdrop all communications intended for the userequipment to which that key belongs, not only the direct communicationsbetween them. This raises serious privacy and security issues that needto be addressed.

Although, in theory, it might be possible to provide new securityparameters by the base station instead of re-using security keysbelonging to the user equipment, there is no way to prevent differentbase stations controlling different groups of user equipment allocatingthe same security parameters to their groups, which would result inharmful interference in the overlapping region served by these basestations.

It is therefore the object of the invention to provide a mechanism toset up a D2D bearer, which at least alleviates the above problems.

Solution to Problem

In an aspect there is provided a network entity operable to control thesetting up of a device to device communications link between first andsecond user devices, wherein the network entity comprises: means forproviding information relating to a radio bearer that is complementaryfor the first and second user devices and that is used by the first andsecond user devices to establish radio communications transmitted overthe device to device communications link; and means for sending theradio bearer information towards the first and the second user devices.

The network entity might comprise means for providing first bearerconfiguration data, including a traffic flow template, for the firstuser device, that includes a destination address for the second userdevice and preferably for providing second bearer configuration data,including a second traffic flow template, for the second user device,that includes a destination address for the first user device.

The device to device communication link might carry user plane databetween the first and second user devices using said traffic flowtemplate.

Information that is provided in common for the first and second userdevices might include a bearer identification for the device to devicecommunications link.

The network entity might comprise means for detecting that the first andthe second user devices can establish a new user plane communicationwith each other, and wherein said means for providing is operable, inresponse to said detecting, to provide the complementary radio bearerinformation in an “E-RAB Setup Request” message or a “E-RAB ModifyRequest” message sent to a base station that is associated with at leastone of the first and second user devices.

The E-RAB Setup Request message or the E-RAB Modify Request messagemight include a non-access stratum (NAS) protocol data unit (PDU)comprising a Modify EPS Bearer Context Request or an Activate DedicatedEPS Bearer Request. In this case, the Modify EPS Bearer Context Requestor the Activate Dedicated EPS Bearer Request might comprise informationrelating to the security configuration for the D2D link. In oneembodiment, this security configuration may provide a common securitybase value that each of the user devices can use to cipher theircommunications to each other.

The information relating to the security configuration might be providedin a GPRS Tunnelling Protocol (GTP) message, such as the “Create PDPContext Request” or the “Create PDP Context Response”.

The network entity might be a mobility management entity.

In another aspect there is provided a user device operable to set up adevice to device communications link with a second user device, whereinthe user device comprises: means for receiving, from a network entity,information relating to a radio bearer that is complementary for theuser device and the second user device; means for establishing a deviceto device communication link with the second user device using saidreceived information; and means for communicating with the second userdevice using the established device to device communication link.

In yet another aspect there is provided a network entity operable tocontrol the setting up of a device to device communications link betweenfirst and second user devices, wherein the network entity comprises:means for providing security information that is common for the firstand second user devices and that is used by the first and second userdevices to secure communications transmitted over the device to devicecommunication link; and means for sending the common securityinformation towards each of the first and the second user devices. Thisaspect may be provided separately from, or in combination with, theabove aspects.

The network entity might generate the common security information.Alternatively, the network entity might receive the common securityinformation from another network entity. The network entity might alsocomprise means for encrypting the generated common security informationwith a key specific to at least one user device. Preferably the networkentity will encrypt the common security information with respective keysfor each of the first and second user devices.

The network entity might comprise means for providing bearerconfiguration data, including a traffic flow template, for the firstuser device, that includes a destination address for the second userdevice and preferably for providing second bearer configuration data,including a second traffic flow template, for the second user device,that includes a destination address for the first user device. Thebearer configuration data might be provided for the first and seconduser devices using complementary bearer setup or modify messages.

The network entity might comprise means for providing radio bearerinformation that is complementary for the first and second user devicesand that is used by the first and second user device to establish thedevice to device communication link.

The network entity might also comprise means for detecting that thefirst and the second user devices can establish a new user planecommunication with each other, and wherein said means for providing isoperable, in response to said detecting, to provide the common securityinformation in an “E-RAB Setup Request” message sent to a base stationthat is associated with at least one of the first and second userdevices.

The network entity might comprise means for detecting that the first andthe second user devices have an established communication link with eachother via a communication network; and wherein said providing means isresponsive to said detecting, to provide the common security informationin an “E-RAB Modify Request” message sent to a base station that isassociated with at least one of the first and second user devices.

The network entity might be a mobility management entity. The othernetwork entity might also be a mobility management entity or a homesubscriber server.

In a further aspect there is provided a user device operable to set up adevice to device communications link with a second user device, whereinthe user device comprises: means for receiving, from a network entity,security information that is common for the user device and the seconduser device; means for establishing a device to device communicationlink with the second user device; and means for securing communicationstransmitted over the device to device communication link using thecommon security information.

The user device might receive encrypted security information and in thiscase the user device might comprise means for decrypting the receivedsecurity information with a key specific to the user device.

The user device might also comprise means for receiving radio bearerinformation that is common for the first and second user devices andthat is used by the first and second user devices to establish thedevice to device communication link.

The user device might receive bearer configuration data, including atraffic flow template that includes a destination address for the seconduser device.

The device to device communication link might carry user plane databetween the user device and the second user device using said trafficflow template.

The invention also provides, for all network entities and user devicesdisclosed, corresponding methods and computer programs or computerprogram products for execution on corresponding user equipment ornetwork communications devices.

Advantageous Effects of Invention

According to the present invention, it is possible to at least provide amechanism to set up a D2D bearer, which at least alleviates the aboveproblems.

BRIEF DESCRIPTION OF DRAWINGS

Embodiments of the invention will now be described, by way of example,with reference to the accompanying drawings, in which:

FIG. 1A illustrates schematically a cellular telecommunications systemto which embodiments of the invention may be applied;

FIG. 1B illustrates an EPS bearer architecture used in the communicationsystem illustrated in FIG. 1A;

FIG. 2 is a functional block diagram illustrating some of thefunctionality of a mobility management entity forming part of the systemshown in FIG. 1A;

FIG. 3 is a functional block diagram illustrating some of thefunctionality of a base station forming part of the system shown in FIG.1A;

FIG. 4 is a functional block diagram illustrating some of thefunctionality of a mobile telephone forming part of the system shown inFIG. 1A;

FIG. 5 is a timing diagram illustrating the way in which the mobilitymanagement entity controls the setting up of a D2D connection;

FIG. 6 is a timing diagram illustrating the way in which the mobilitymanagement entity controls the setting up of a D2D connection when themobile telephones are served by different base stations;

FIG. 7 is a timing diagram illustrating the way in which the mobilitymanagement entity controls the setting up of a D2D connection before themobile telephones exchange user plane data with each other; and

FIG. 8 is a timing diagram illustrating the way in which the mobilitymanagement entity controls the setting up of a D2D connection before themobile telephones exchange user plane data with each other when themobile telephones are served by different base stations.

DESCRIPTION OF EMBODIMENTS [Overview]

FIG. 1A schematically illustrates a communications network 1 in whichusers of mobile telephones (MT) 3-1 to 3-3 can communicate with eachother and other users via E-UTRAN base stations 5-1 and 5-2 and corenetwork 7. As those skilled in the art will appreciate, three mobiletelephones 3 and two base stations are illustrated in FIG. 1A forillustration purposes and others will be provided in a deployed system.Conventionally, when mobile telephones 3-1 and 3-2 are in communicationwith each other, user plane data is routed from user equipment 3-1 tobase station 5-1, through the core network 7, back to base station 5-1and to the mobile telephone 3-2 (and similarly for user plane data sentin the opposite direction). Similarly, when mobile telephones 3-1 and3-3 are in communication with each other, user plane data isconventionally routed from user equipment 3-1 to base station 5-1,through the core network 7, to base station 5-2 and to the mobiletelephone 3-3 (and similarly for user plane data sent in the oppositedirection).

The communication paths described above ensure that data is transmittedbetween the mobile telephones 3 in compliance with the relevantsubscription parameters and also respecting the service criteriarequired by the mobile telephones 3 and the security criteria imposed bythe network. However, such a conventional arrangement is wasteful ofresources in the base stations 5 and in the core network 7 as the twomobile telephones 3 are within radio communications range of each otherand a direct user plane communication link can be used instead.

Therefore, in this embodiment, the communications network 1 alsosupports device-to-device user plane communication between compatiblemobile telephones 3. (The control plane data will still be between themobile telephones 3 and the base station 5/core network 7.) Asillustrated in FIG. 1A, such direct communication paths may be set upbetween mobile telephones 3 served by the same base station, such as theD2D connection denoted “A” between mobile telephones 3-1 and 3-2, andalso between mobile telephones 3 served by different base stations 5,such as the D2D connection denoted “B” between mobile telephones 3-1 and3-3.

There are four main scenarios that the present embodiments address:

-   -   1) the two mobile telephones 3 are served by the same base        station 5 and a determination that a D2D connection should be        established is made during an existing communication session;    -   2) the two mobile telephones 3 are in the same network 7, but        served by different base stations 5, and a determination that a        D2D connection should be established is made during an existing        communication session; and    -   3) the two mobile telephones 3 are served by the same base        station 5 and a determination that a D2D connection should be        established is made during an initial call setup;    -   4) the two mobile telephones 3 are in the same network 7, but        served by different base stations 5, and a determination that a        D2D connection should be established is made during an initial        call setup.

As will become clear from the following description, in each scenario,once a decision is taken that a connection between two mobile telephones3 can be made D2D, the core network 7 triggers the necessary signalling(S1AP, RRC) that will allow the establishment of a D2D bearer betweenthe two mobile telephones 3. The D2D bearer will be managed at thenetwork level as an EPS bearer for which a dedicated Traffic FlowTemplate (TFT) is assigned that allows D2D communications to be madebetween the two mobile telephones 3. This TFT will ensure that userplane data relating to the direct communications is routed (IP filtered)between the two mobile telephones 3 instead of between the mobiletelephones 3 and the core network 7. This ensures that uplink datarelating to the D2D link is separately treated by each mobile telephone3 compared to other uplink data that the mobile telephone 3 has fortransmission back to the core network 7 via the base station 5. In orderto allow the separate processing and transmission, the uplink data forthe D2D link is encoded, segmented and ciphered separately from theother uplink data. As will be described in more detail below, in orderto allow for this separate ciphering, common shared security informationis provided to the two mobile telephones 3 from which they can generatea common shared security key to encrypt their direct communications.

The mobile telephones 3 will keep their on-going control planeconnection with the core network 7 to handle their mobility (i.e. thedefault EPS bearer), the Packet Data Network (PDN) connection and anyother EPS bearers not related to the device to device communication(which will remain connected to the network 7).

Embodiments of the invention use the core network 7, or a deviceattached to the core network 7, to determine when a communications linkbetween two mobile telephones 3 is suitable for changing to a D2Dcommunications link.

The advantages of the embodiments include that the overload towards thecore network 7 (specifically the Serving Gateway and/or the PDN Gatewaywithin the core network 7) is reduced because data can be exchangeddirectly between the mobile telephones; and because the directcommunications between the mobile telephones 3 will be short rangecommunications over a given frequency, will allow extra spectrum usagewith multiple devices. The D2D communications will also be secured toprevent eavesdropping either by the network or by other mobiletelephones 3.

[EPS Bearer Architecture]

Before discussing the above scenarios, it is helpful to set out thearchitecture of the EPS bearers used to carry the data between themobile telephones 3 and the base stations 5/core network 7. FIG. 1Bgives an overview of the EPS architecture as extended to accommodate theD2D bearer between the mobile telephones 3. Further details can be foundin 3GPP TS 23.401 V11.1.0, the contents of which are hereby incorporatedby reference. In summary, an EPS bearer is realized by the followingelements:

In the mobile telephone 3, the UL TFT (Uplink Traffic Flow Template)maps a traffic flow aggregate to an EPS bearer in the uplink direction;

In the PDN GW (Packet Data Network Gateway), the DL TFT (downlinkTraffic Flow Template) maps a traffic flow aggregate to an EPS bearer inthe downlink direction;

A radio bearer (as defined in TS 36.300 V11.1.0) is a radio link betweentwo points, with a specific set of associated characteristics, such asquality of service, volume of traffic, frequency allocation, modulationscheme, synchronisation, multiple-input and multiple-output (MIMO)configuration, etc. Radio bearers can be seen as channels offered byLayer 2 to higher layers for the transfer of either user data or controldata. When a radio bearer is used for transmitting control data, it isreferred to as Signaling Radio Bearer (SRB). The radio bearer transportsthe packets of an EPS bearer between a mobile telephone and a basestation 5. Whenever a mobile telephone 3 is using a service, the serviceis always associated with a radio bearer specifying the Layer-2 andPhysical Layer configuration in order define the associated transmissionparameters. However, these associated parameters can be updated anytimeduring the lifetime of a radio bearer, depending on the currentrequirements imposed by the two endpoints of communication and thecurrent availability of system resources. If a radio bearer exists,there is a one-to-one mapping between an EPS bearer and this radiobearer;

An S1 bearer transports the packets of an EPS bearer between a basestation 5 and a Serving GW 8;

An E-RAB (E-UTRAN Radio Access Bearer) refers to the concatenation of anS1 bearer and the corresponding radio bearer, as defined in TS 36.300V11.1.0.

An S5/S8 bearer transports the packets of an EPS bearer between theServing GW 8 and the PDN GW 10;

The mobile telephone 3 stores a mapping between an uplink packet filterand a radio bearer to create the mapping between a traffic flowaggregate and a radio bearer in the uplink;

The PDN GW 10 stores a mapping between a downlink packet filter and anS5/S8 bearer to create the mapping between a traffic flow aggregate andan S5/S8 bearer in the downlink;

The base station 5 stores a one-to-one mapping between a radio bearerand an S1 Bearer to create the mapping between a radio bearer and an S1bearer in both the uplink and the downlink;

The Serving GW 8 stores a one-to-one mapping between an S1 Bearer and anS5/S8 bearer to create the mapping between an S1 bearer and an S5/S8bearer in both the uplink and downlink.

The PDN GW 10 routes downlink packets to the different EPS bearers basedon the downlink packet filters in the TFTs assigned to the EPS bearersin the PDN connection. Similarly, the mobile telephones 3 route uplinkpackets to the different EPS bearers based on the uplink packet filtersin the TFTs assigned to the EPS bearers in the PDN connection.

[Mobility Management Entity]

FIG. 2 shows a functional block diagram of the mobility managemententity 9 shown in FIG. 1A. As shown, the mobility management entity 9has a transceiver circuit 11 for transmitting signals to and forreceiving signals from the base stations 5 via a base station interface13, a core network interface 15 for transmitting signals to and forreceiving signals from other entities in the core network 7 (or in othercore networks operated by other operators), such as the HSS, a gateway,and other MMEs 9. The mobility management entity 9 has a controller 17to control the operation of the mobility management entity 9. Thecontroller 17 is associated with a memory 19. Although not necessarilyshown in FIG. 2, the mobility management entity 9 will of course haveall the usual functionality of a conventional mobility management entityand this may be provided by any one or any combination of hardware,software and firmware, as appropriate. Software may be pre-installed inthe memory 19 and/or may be downloaded via the communications network 1or from a removable data storage device (RMD), for example. Thecontroller 17 is configured to control the overall operation of themobility management entity 9 by, in this example, program instructionsor software instructions stored within the memory 19. As shown, thesesoftware instructions include, among other things, an operating system21, a D2D setup module 25 and a security function module 27.

The D2D setup module 25 is operable to control the setting up andmodification of D2D connections for mobile telephones 3 served by themobility management entity 9. After a determination has been made thatconditions are met for a mobile telephone 3 to start D2D communicationswith another mobile telephone 3, the D2D setup module 25 instructs thebase station(s) 5 serving the mobile telephones 3 to initiate RRCconfiguration or reconfiguration (as the case may be).

The security function module 27 generates and provides securityinformation for the mobile telephones 3 to perform secure D2Dcommunication. This security information includes a common sharedsecurity base value. The security information is sent to the basestation(s) 5 via the transceiver circuit 11 and base station interface13 for delivery to the mobile telephones 3. In case another mobilitymanagement entity 9 is involved, i.e. because one of the UEs 3 isattached via a different core network (not shown), the security functionmodule 27 is operable to negotiate the security information with thecorresponding module of the other mobility management entity 9 beforeproviding it to the base station 5.

The program instructions or software instructions stored within thememory 19 includes a D2D monitoring module 23 and a D2D compliancemodule 29.

[Base Station]

FIG. 3 shows a functional block diagram of each of the base stations 5shown in FIG. 1A. As shown, the base station 5 has a transceiver circuit51 for transmitting signals to and for receiving signals from the mobiletelephones 3 via one or more antenna 53, a core network interface 55 fortransmitting signals to and for receiving signals from devices in thecore network 7 (such as the mobility management entity 9). The corenetwork interface 55 may be referred to as an MME interface 55. The basestation 5 has a controller 57 to control the operation of the basestation 5. The controller 57 is associated with a memory 59. Althoughnot necessarily shown in FIG. 3, the base station 5 will of course haveall the usual functionality of a cellular telephone network base stationand this may be provided by any one or any combination of hardware,software and firmware, as appropriate. Software may be pre-installed inthe memory 59 and/or may be downloaded via the communications network 1or from a removable data storage device (RMD), for example. Thecontroller 57 is configured to control the overall operation of the basestation 5 by, in this example, program instructions or softwareinstructions stored within memory 59. As shown, these softwareinstructions include, among other things, an operating system 61, acommunications control module 63, a D2D control module 65 and a securitymodule 67.

The communications control module 63 is operable to handle (e.g.generate, send and receive) control signals for the mobile telephones 3and other network entities that are connected to the base station 5. Thecommunications control module 63 is also operable to manage RRCconnections for the mobile telephones 3 that are attached to the networkvia this base station 5.

The D2D control module 65 is operable to instruct the communicationscontrol module 63 to send the signalling messages required to setup adevice-to-device communication link between two mobile telephones 3based on information received from the mobility management entity 9.

The security module 67 is operable to provide the security parametersnecessary for the mobile telephone 3 to communicate with the basestation 5 and the security parameters received from the MME 9 that allowthe mobile telephone to communicate securely with the other mobiletelephone 3 using the D2D communication link.

[Mobile Telephone]

FIG. 4 shows a functional block diagram of the mobile telephone 3 shownin FIG. 1A. As shown, the mobile telephone 3 has a transceiver circuit71 that is operable to transmit signals to and to receive signals from abase station 5 via one or more antenna 73. The mobile telephone 3 has acontroller 77 to control the operation of the mobile telephone 3. Thecontroller 77 is associated with a memory 79 and is coupled to thetransceiver circuit 71. Although not necessarily shown in FIG. 4, themobile telephone 3 will of course have all the usual functionality of aconventional mobile telephone 3 (such as a user interface) and this maybe provided by any one or any combination of hardware, software andfirmware, as appropriate. Software may be pre-installed in the memory 79and/or may be downloaded via the telecommunications network or from aremovable data storage device (RMD), for example.

The controller 77 is configured to control overall operation of themobile telephone 3 by, in this example, program instructions or softwareinstructions stored within memory 79. As shown, these softwareinstructions include, among other things, an operating system 81, acommunications control module 83, a D2D control module 85, and asecurity module 87.

The communications control module 83 is operable to handle (e.g.generate, send and receive) control signals for controlling theconnections between the mobile telephone 3 and other mobile telephones 3or the base station 5. The communications control module 83 alsocontrols the separate flows of uplink data and control data that are tobe transmitted to the other mobile telephone 3 or to the base station 5.

The D2D control module 85 is operable to instruct the communicationscontrol module 83 to set up a device-to-device communication path basedon the information received from the mobility management entity 9 viathe base station 5.

The security module 87 is operable to receive the security parametersthat the mobile telephone 3 is to use when communicating with thedifferent entities—such as the base station 5 or the other mobiletelephone 3. When the D2D control module 85 is setting up a D2D pathwith another mobile telephone 3, the security module 87 uses thesecurity information received from the mobility management entity 9 forthe D2D communication link.

[Mobile Telephones Served by the Same Base Station—During ExistingConnection]

A more detailed description will now be given (with reference to FIG. 5)of the scenario discussed above where a D2D communications link is to beestablished between two mobile telephones 3-1 and 3-2 that already havea communication link established through the core network 7 and that arecurrently being served by the same base station 5-1.

Initially, the first mobile telephone 3-1 has a user plane dataconnection with the second mobile telephone 3-2 via the Serving Gateway8 and the PDN Gateway 10 and the base station 5-1, as shown in stepss501 and s503. In step s505, the core network 7 (or a device external tothe core network 7) determines that the two mobile telephones 3-1 and3-2 are communicating with each other and that they meet the criteriafor D2D communication. In response the MME 9 sets up the D2D bearer byestablishing a dedicated EPS bearer for which the Traffic Flow Templateestablishes the mobile telephones 3-1 and 3-2 as the end points for thenew EPS bearer.

The MME 9 then generates the appropriate security information for thenew D2D link. This includes generating, in step s506, a common sharedsecurity base value (RAND or Key) for the mobile telephones 3-1 and 3-2;and separately encrypting the base value using a key derivation function(KDF) and keys specific to the two mobile telephones 3-1 and 3-2. Thus,in step s507, the mobility management entity 9 generates two securityconfiguration values: a “base1” value which has been encrypted using akey specific to the first mobile telephone 3-1 (K_(ASME_UE1)), and a“base2” value which has been encrypted using a key specific to thesecond mobile telephone 3-2 (K_(ASME_UE2)).

In step s508, the MME 9 sends an “E-RAB Modify Request” message to thebase station 5-1 for onward transmission to the first mobile telephone3-1. This E-RAB Modify Request message is to modify the existing EPSbearer that the mobile telephone 3-1 is using in its communications withthe second mobile telephone 3-2 (identified by an EPS bearer ID). Inparticular, this E-RAB Modify Request message identifies the EPS bearerto be modified using the bearer ID and sets the second mobile telephone3-2 as the destination of the first mobile telephone's 3-1 traffic flowtemplate (TFT) for the D2D communication link. The mobility managemententity 9 also includes in this message the D2D bearer configuration andsecurity information for setting up the D2D bearer, including the base1value calculated in step s507 and the security algorithm to be used forencrypting the user plane data in the D2D connection.

In step s509, the mobility management entity 9 sends a similar “E-RABModify Request” message to the base station 5-1 for onward transmissionto the second mobile telephone 3-2. This E-RAB Modify Request message isto modify the existing EPS bearer that the second mobile telephone 3-2is using in its communications with the first mobile telephone 3-1(identified by the EPS bearer ID). In particular, this E-RAB ModifyRequest message identifies the EPS bearer to be modified using the EPSbearer ID and includes updated TFT information for the D2D bearersetting mobile telephone 3-1 as the destination of the second mobiletelephone's 3-2 Traffic Flow Template. The E-RAB Modify Request messagesent in step s509 also includes the D2D bearer configuration andsecurity information for setting up the D2D bearer, including the base2value calculated in step s507. The E-RAB Modify Request message willalso include various other parameters as defined in TS 36.413 V10.5.0,the content of which is hereby incorporated by reference.

In response to receiving the first “E-RAB Modify Request” message sentin step s508, the base station 5-1 generates an “RRC ConnectionReconfiguration” message and sends it to the first mobile telephone 3-1in step s511. The “RRC Connection Reconfiguration” message includes theD2D radio bearer configuration information (such as the radio parametersfor the D2D link, including the transmit/receive power, frequency to beused etc.) and security configuration, such as the above described base1value and ciphering algorithm to be used. The base station 5 may assignthe frequency for the D2D connection in a spare frequency that can't beused by the operator due to, for example, limited bandwidth. Afterreceiving this RRC Connection Reconfiguration message, in step s512, thefirst mobile telephone 3-1 recovers the common shared security basevalue from the received “base1” value using its K_(ASME_UE1) key and thekey derivation function (KDF).

In response to receiving the second “E-RAB Modify Request” sent in steps509, the base station 5-1 generates another “RRC ConnectionReconfiguration” message and sends it to the second mobile telephone 3-2in step s513. The “RRC Connection Reconfiguration” message includes theD2D radio bearer configuration information and security configuration,such as the above described base2 value and ciphering algorithm to beused. After receiving this RRC Connection Reconfiguration message, instep s514, the second mobile telephone 3-2 recovers the common sharedsecurity base value from the “base2” value using its K_(ASME_UE2) keyand the key derivation function (KDF).

After successfully recovering the common shared security base value andreconfiguring the RRC connection, the first mobile telephone 3-1 sends,in step s515, an “RRC Connection Reconfiguration Complete” message backto the base station 5-1, which in turn sends, in step s517, an “E-RABModify Response” message to the MME 9, acknowledging receipt of the“E-RAB Modify Request” message.

Similarly, after successfully recovering the common shared security basevalue and reconfiguring the RRC connection, the second mobile telephone3-2 sends, in step s519, an “RRC Connection Reconfiguration Complete”message back to the base station 5-1, which in turn sends, in step s521,another “E-RAB Modify Response” message to the MME 9, acknowledgingreceipt of the “E-RAB Modify Request” message. The base station 5-1 mayalso release the previous Radio Bearers that were being used for thecommunications before the reconfigurations.

In step s523, after the first mobile telephone 3-1 has reconfigured itsbearer for the D2D connection, the first mobile telephone 3-1 informsthe MME 9 that the D2D bearer has been successfully set up by sending a“Modify EPS Bearer Confirmation” message. In step s525, after the secondmobile telephone 3-2 has reconfigured its bearer for the D2D connection,the second mobile telephone 3-2 also informs the MME 9 that the D2Dbearer has been successfully set up by sending a “Modify EPS BearerConfirmation” message. The MME 9 will maintain the NAS bearers forbilling purposes (as the call is still in progress). If the MME 9 doesnot receive the E-RAB Modify Response messages back from the basestation, then it assumes that the D2D connection has failed and fallsback to the previous configuration, where the mobile telephones 3 arecommunicating via the base station 5.

Finally, in step s527, the first and second mobile telephones 3-1 and3-2 resume communicating user plane data with each other, except thistime via the established D2D connection (labelled “A” in FIG. 1A).

Normally, the mobile telephones 3 generate the security keys used tocipher their communications that are transmitted over the air interfaceusing a security base value that is programmed into the mobile telephone3 (into the USIM) when the telephone 3 is purchased and which is alsoknown to the network. In accordance with this embodiment, the commonshared security base value is sent from the network to each of themobile telephones 3-1 and 3-2 and is used as (or makes it possible togenerate) the common security key that is used for exchanging integrityprotected and ciphered messages on the established D2D link betweenthem—instead of using one of the pre-stored security base values. Inthis way, the mobile telephones 3-1 and 3-2 are effectively providedwith a temporary security base value that they should use for theircommunications over the D2D link. Further, since the common sharedsecurity base value has been encrypted using the mobile phone specifickeys (i.e. K_(ASME)) before being transmitted across the network andover the air interface, no other network entity (or mobile telephone 3)will be able to recover it and use it for eavesdropping on thecommunications exchanged via the D2D link.

[Mobile Telephones Served by Same Core Network but Different BaseStations—During Existing Connection]

A more detailed description will now be given (with reference to FIG. 6)of the scenario discussed above where a D2D communications link is to beestablished between two mobile telephones 3-1 and 3-3 that already havea communication link established through the same core network 7 butwhich are currently being served by different base stations 5-1 and 5-2.

Initially, the first mobile telephone 3-1 has a user plane dataconnection with the third mobile telephone 3-3 via a Serving Gateway 8and the first and second base stations 5-1 and 5-2, as shown in stepss601 and s603. In step s605, a decision is made by the core network 7that the two mobile telephones 3-1 and 3-3 are communicating with eachother and that they meet the criteria for D2D communication. In responsethe MME 9 sets up the D2D bearer by establishing a dedicated EPS bearerfor which the Traffic Flow Template establishes the mobile telephones3-1 and 3-3 as the end points for the new EPS bearer. The MME 9 thengenerates the appropriate security information for the new D2D link.This includes generating, in step s606, a common shared security basevalue (RAND or Key) for the mobile telephones 3-1 and 3-3; andseparately encrypting the base value using a key derivation function(KDF) and keys specific to the two mobile telephones 3-1 and 3-3. Thus,in step s607, the mobility management entity 9 generates two securityconfiguration values: a “base1” value which has been encrypted using akey specific to the first mobile telephone 3-1 (K_(ASME_UE1)), and a“base3” value which has been encrypted using a key specific to the thirdmobile telephone 3-3 (K_(ASME_UE3)).

In step s608, the MME 9 sends an “E-RAB Modify Request” message to thefirst base station 5-1 for onward transmission to the first mobiletelephone 3-1. As before, this E-RAB Modify Request message is to modifythe existing EPS bearer that the mobile telephone 3-1 is using in itscommunications with third mobile telephone 3-3. In particular, thisE-RAB Modify Request message sets the third mobile telephone 3-3 as thedestination of the first mobile telephone's 3-1 traffic flow template(TFT) for the D2D communication link. The mobility management entity 9also includes in this message the D2D bearer configuration and securityinformation for setting up the D2D bearer, including the base1 valuecalculated in step s607 and the security algorithm to be used forencrypting the user plane data in the D2D connection. The MME 9 selectsthe security algorithm for the user plane data, unlike in the current3GPP standards, which require the base station 5 to define the securityalgorithm to be used. In step s609, the mobility management entity 9sends a similar “E-RAB Modify Request” message to the second basestation 5-2 for onward transmission to the third mobile telephone 3-3.This E-RAB Modify Request message includes updated TFT information forthe D2D bearer setting the first mobile telephone 3-1 as the destinationof the third mobile telephone's 3-3 Traffic Flow Template. The E-RABModify Request message sent in step s609 also includes the D2D bearerconfiguration and security information for setting up the D2D bearer,including the base3 value calculated in step s607.

In response to receiving the first “E-RAB Modify Request” message sentin step s608, the first base station 5-1 generates an “RRC ConnectionReconfiguration” message and sends it to the first mobile telephone 3-1in step s611. The “RRC Connection Reconfiguration” message includes theD2D radio bearer configuration information and security configuration,such as the above described base1 value and ciphering algorithm to beused. After receiving this RRC Connection Reconfiguration message, instep s612, the first mobile telephone 3-1 recovers the common sharedsecurity base value from the received “base1” value using itsK_(ASME_UE1) key and the key derivation function (KDF).

In response to receiving the “E-RAB Modify Request” sent in step s609,the second base station 5-2 generates an “RRC ConnectionReconfiguration” message and sends it to the third mobile telephone 3-3in step s613. The “RRC Connection Reconfiguration” message includes theD2D radio bearer configuration information and security configuration,such as the above described base3 value and ciphering algorithm to beused. After receiving this RRC Connection Reconfiguration message, instep s614, the third mobile telephone 3-3 recovers the common sharedsecurity base value from the “base3” value using its K_(ASME_UE3) keyand the key derivation function (KDF).

After successfully recovering the common shared security base value andreconfiguring the RRC connection, the first mobile telephone 3-1 sends,in step s615, an “RRC Connection Reconfiguration Complete” message backto the first base station 5-1, which in turn sends, in step s617, an“E-RAB Modify Response” message to the MME 9, acknowledging receipt ofthe “E-RAB Modify” message.

Similarly, after successfully recovering the common shared security basevalue and reconfiguring the RRC connection, the third mobile telephone3-3 sends, in step s619, an “RRC Connection Reconfiguration Complete”message back to the second base station 5-2, which in turn sends, instep s621, an “E-RAB Modify Response” message to the MME 9,acknowledging receipt of the “E-RAB Modify” message. If the MME 9 doesnot receive the E-RAB Modify Response messages back from the basestations 5, then it assumes that the D2D connection has failed and fallsback to the previous configuration, where the mobile telephones 3 arecommunicating via the base stations 5.

In step s623, after the first mobile telephone 3-1 has reconfigured itsbearer for the D2D connection, the first mobile telephone 3-1 informsthe MME 9 that the D2D bearer has been successfully set up by sending a“Modify EPS Bearer Confirmation” message. In step s625, after the thirdmobile telephone 3-3 has reconfigured its bearer for the D2D connection,the third mobile telephone 3-3 also informs the MME 9 that the D2Dbearer has been successfully set up by sending a “Modify EPS BearerConfirmation” message.

Finally, in step s627, the first and third mobile telephones 3-1 and 3-3resume communicating user plane data with each other, except this timevia the established direct D2D connection (labelled “B” in FIG. 1A).

[Mobile Telephones Served by the Same Base Station—at Connection Setup]

A more detailed description will now be given (with reference to FIG. 7)of the scenario discussed above where a D2D communications link is to beestablished between two mobile telephones 3-1 and 3-2 that are seekingto establish a connection with each other and that are currently beingserved by the same base station 5-1.

As shown in step s705, the core network 7 (or a device external to thecore network 7) determines that the two mobile telephones 3-1 and 3-2need to communicate with each other and that they meet the criteria forD2D communication. In response the MME 9 sets up the D2D bearer byestablishing a dedicated EPS bearer for which the Traffic Flow Templateestablishes the mobile telephones 3-1 and 3-2 as the end points for thenew EPS bearer. The MME 9 then generates the appropriate securityinformation for the new D2D link. This includes generating, in steps706, a common shared security base value (RAND or Key) for the mobiletelephones 3-1 and 3-2; and separately encrypting the base value using akey derivation function (KDF) and keys specific to the two mobiletelephones 3-1 and 3-2. Thus, in step s707, the mobility managemententity 9 generates two security configuration values: a “base1” valuewhich has been encrypted using a key specific to the first mobiletelephone 3-1 (K_(ASME_UE1)), and a “base2” value which has beenencrypted using a key specific to the second mobile telephone 3-2(K_(ASME_UE2)).

In step s708, the MME 9 sends an “E-RAB Setup Request” message to thebase station 5-1 for onward transmission to the first mobile telephone3-1. This E-RAB Setup Request message is to setup an EPS bearer that thefirst mobile telephone 3-1 can use to communicate with the second mobiletelephone 3-2. In particular, this E-RAB Setup Request message sets thesecond mobile telephone 3-2 as the destination of the first mobiletelephone's 3-1 traffic flow template (TFT) for the D2D communicationlink. The mobility management entity 9 also includes in this message theD2D bearer configuration and security information for setting up the D2Dbearer, including the base1 value calculated in step s707 and thesecurity algorithm to be used for encrypting the user plane data in theD2D connection. In step s709, the mobility management entity 9 sends asimilar “E-RAB Setup Request” message to the base station 5-1 for onwardtransmission to the second mobile telephone 3-2. This E-RAB SetupRequest message includes TFT information for the D2D bearer, settingfirst mobile telephone 3-1 as the destination of the second mobiletelephone's 3-2 Traffic Flow Template. The E-RAB Setup Request messagesent in step s709 also includes the D2D bearer configuration andsecurity information for setting up the D2D bearer, including the base2value calculated in step s707.

In response to receiving the first “E-RAB Setup Request” message sent instep s708, the base station 5-1 generates an “RRC ConnectionReconfiguration” message and sends it to the first mobile telephone 3-1in step s711. The “RRC Connection Reconfiguration” message includes theD2D radio bearer configuration information and security configuration,such as the above described base1 value and ciphering algorithm to beused. After receiving this RRC Connection Reconfiguration message, instep s712, the first mobile telephone 3-1 recovers the common sharedsecurity base value from the received “base1” value using itsK_(ASME_UE1) key and the key derivation function (KDF).

In response to receiving the second “E-RAB Modify Request” sent in steps709, the base station 5-1 generates another “RRC ConnectionReconfiguration” message and sends it to the second mobile telephone 3-2in step s713. The “RRC Connection Reconfiguration” message includes theD2D radio bearer configuration information and security configuration,such as the above described base2 value and ciphering algorithm to beused. After receiving this RRC Connection Reconfiguration message, instep s714, the second mobile telephone 3-2 recovers the common sharedsecurity base value from the “base2” value using its K_(ASME_UE2) keyand the key derivation function (KDF).

After successfully recovering the common shared security base value andconfiguring the RRC connection, the first mobile telephone 3-1 sends, instep s715, an “RRC Connection Reconfiguration Complete” message back tothe base station 5-1, which in turn sends, in step s717, an “E-RAB SetupResponse” message to the MME 9, acknowledging receipt of the “E-RABSetup Request” message.

Similarly, after successfully recovering the common shared security basevalue and reconfiguring the RRC connection, the second mobile telephone3-2 sends, in step s719, an “RRC Connection Reconfiguration Complete”message back to the base station 5-1, which in turn sends, in step s721,another “E-RAB Setup Response” message to the MME 9, acknowledgingreceipt of the “E-RAB Setup Request” message.

In step s723, after the first mobile telephone 3-1 has configured itsbearer for the D2D connection, the first mobile telephone 3-1 sends theMME 9 an “Activate Dedicated EPS Bearer Confirm” message confirming thatthe D2D EPS bearer is ready to be activated. In step s725, after thesecond mobile telephone 3-2 has configured its bearer for the D2Dconnection, the second mobile telephone 3-2 also sends the MME 9 an“Activate Dedicated EPS Bearer Confirm” message confirming that the D2DEPS bearer is ready to be activated.

Finally, in step s727, the first and second mobile telephones 3-1 and3-2 can start communicating user plane data with each other via theestablished D2D connection (labelled “A”—in FIG. 1A).

[Mobile Telephones Served by Same Core Network but Different BaseStations—at Connection Setup]

A more detailed description will now be given (with reference to FIG. 8)of the scenario discussed above where a D2D communications link is to beestablished between two mobile telephones 3-1 and 3-3 that want toestablish a communication link with each other and which are currentlybeing served by different base stations 5-1 and 5-2.

As shown in step s805, the core network 7 (or a device external to thecore network 7) determines that the two mobile telephones 3-1 and 3-3need to communicate with each other and that they meet the criteria forD2D communication. In response the MME 9 sets up the D2D bearer byestablishing a dedicated EPS bearer for which the Traffic Flow Templateestablishes the mobile telephones 3-1 and 3-3 as the end points for thenew EPS bearer. The MME 9 then generates the appropriate securityinformation for the new D2D link. This includes generating, in steps806, a common shared security base value (RAND or Key) for the mobiletelephones 3-1 and 3-3; and separately encrypting the base value using akey derivation function (KDF) and keys specific to the two mobiletelephones 3-1 and 3-3. Thus, in step s807, the mobility managemententity 9 generates two security configuration values: a “base1” valuewhich has been encrypted using a key specific to the first mobiletelephone 3-1 (K_(ASME_UE1)), and a “base3” value which has beenencrypted using a key specific to the third mobile telephone 3-3(K_(ASME_UE3)).

In step s808, the MME 9 sends an “E-RAB Setup Request” message to thefirst base station 5-1 for onward transmission to the first mobiletelephone 3-1. This E-RAB Setup Request message is to setup an EPSbearer that will allow the first and third mobile telephones 3-1, 3-3 tocommunicate with each other. This E-RAB Setup Request message sets thethird mobile telephone 3-3 as the destination of the first mobiletelephone's 3-1 traffic flow template (TFT) for the D2D communicationlink. The mobility management entity 9 also includes in this message theD2D bearer configuration and security information for setting up the D2Dbearer, including the base1 value calculated in step s807 and thesecurity algorithm to be used for encrypting the user plane data in theD2D connection. In step s809, the mobility management entity 9 sends asimilar “E-RAB Setup Request” message to the second base station 5-2 foronward transmission to the third mobile telephone 3-3. This E-RAB SetupRequest message includes TFT information for the D2D bearer setting thefirst mobile telephone 3-1 as the destination of the third mobiletelephone's 3-3 Traffic Flow Template. The E-RAB Setup Request messagesent in step s809 also includes the D2D bearer configuration andsecurity information for setting up the D2D bearer, including the base3value calculated in step s807.

In response to receiving the first “E-RAB Modify Request” message sentin step s808, the first base station 5-1 generates an “RRC ConnectionReconfiguration” message and sends it to the first mobile telephone 3-1in step s811. The “RRC Connection Reconfiguration” message includes theD2D radio bearer configuration information and security configuration,such as the above described base1 value and ciphering algorithm to beused. After receiving this RRC Connection Reconfiguration message, instep s812, the first mobile telephone 3-1 recovers the common sharedsecurity base value from the received “base1” value using itsK_(ASME_UE1) key and the key derivation function (KDF).

In response to receiving the “E-RAB Setup Request” sent in step s809,the second base station 5-2 generates an “RRC ConnectionReconfiguration” message and sends it to the third mobile telephone 3-3in step s813. The “RRC Connection Reconfiguration” message includes theD2D radio bearer configuration information and security configuration,such as the above described base3 value and ciphering algorithm to beused. After receiving this RRC Connection Reconfiguration message, instep s814, the third mobile telephone 3-3 recovers the common sharedsecurity base value from the “base3” value using its K_(ASME_UE3) keyand the key derivation function (KDF).

After successfully recovering the common shared security base value andconfiguring the RRC connection, the first mobile telephone 3-1 sends, instep s815, an “RRC Connection Reconfiguration Complete” message back tothe first base station 5-1, which in turn sends, in step s817, an “E-RABSetup Response” message to the MME 9, acknowledging receipt of the“E-RAB Setup Request” message.

Similarly, after successfully recovering the common shared security basevalue and configuring the RRC connection, the third mobile telephone 3-3sends, in step s819, an “RRC Connection Reconfiguration Complete”message back to the second base station 5-2, which in turn sends, instep s821, an “E-RAB Setup Response” message to the MME 9, acknowledgingreceipt of the “E-RAB Setup Request” message.

In step s823, after the first mobile telephone 3-1 has configured itsbearer for the D2D connection, the first mobile telephone 3-1 sends theMME 9 an “Activate Dedicated EPS Bearer Confirm” message confirming thatthe D2D EPS bearer is ready to be activated. In step s825, after thethird mobile telephone 3-2 has configured its bearer for the D2Dconnection, the third mobile telephone 3-3 also sends the MME 9 an“Activate Dedicated EPS Bearer Confirm” message confirming that the D2DEPS bearer is ready to be activated.

Finally, in step s827, the first and third mobile telephones 3-1 and 3-2can start communicating user plane data with each other via theestablished D2D connection (labelled “B” in FIG. 1A).

In conclusion, the MME 9 provides information for the D2D bearerconfiguration using a dedicated EPS bearer between both mobiletelephones (see 3GPP TS 36.413), either in the S1 “E-RAB setup request”message or in the S1 “E-RAB modify request” to the base station 5. Thesemessages will include the following information:

In the first scenario described above, the E-RAB Modify Request messagefor the first mobile telephone 3-1, i.e. the message transmitted in steps508, may include the following information:

MME UE1 S1AP ID, eNB UE1 S1AP ID, E-RAB to be modified list{E-RAB_UE1,E-RAB Level QoS parameters, E-RAB D2D ID, E-RAB D2D security info,NAS_PDU_UE1 (Modify EPS bearer context request(updated TFT))}, in whichthe “updated TFT” parameter specifies TFT_UE1: {destination address=UE2IP address}.The D2D radio bearer configuration information and securityconfiguration are included as follows:

“MME UE1 S1AP ID” identifies the MME 9 for the first mobile telephone3-1;

“eNB UE1 S1AP ID” identifies the base station 5-1 for the first mobiletelephone 3-1 in order to correctly route the message through thenetwork towards the first mobile telephone 3-1;

the E-RAB list includes information related to the radio bearer for thefirst mobile telephone 3-1 (“E-RAB_UE1”), the Quality of Service to beprovided on the D2D link (“E-RAB Level QoS parameters”), theidentification of the new D2D link (“E-RAB D2D ID”), the securityconfiguration (“E-RAB D2D security info”—which includes the encryptedcommon base security value), and the non-access stratum (NAS) protocoldata unit (PDU) for the first mobile telephone 3-1 (“NAS_PDU_UE1”),which sets the second mobile telephone 3-2 as the destination for theD2D EPS bearer. The NAS PDU also includes the Modify EPS bearer contextrequest, which is to be delivered, via the base station 5-1, to thefirst mobile telephone 3-1 in order to adjust its operation.

Similarly, the E-RAB Modify Request for the second mobile telephone 3-2,i.e. the message transmitted in step s509, may include the followingcomplementary information:

MME UE2 S1AP ID, eNB UE2 S1AP ID, E-RAB to be modified list{E-RAB_UE2,E-RAB Level QoS parameters, E-RAB D2D ID, E-RAB D2D security info,NAS_PDU_UE2 (Modify EPS bearer context request(updated TFT))}, in whichthe “updated TFT”parameter specifies TFT_UE2: {destination address=UE1IP address}.

The D2D radio bearer configuration information and the securityconfiguration for the second mobile telephone 3-2 is thereforecomplementary to that provided for the first mobile telephone 3-1. Suchcomplementary radio bearer configuration information can also include,inter alia, information relating to the modulation scheme, MIMOconfiguration, frequency, and time frequency scheduling.

Therefore, the two E-RAB Modify Requests containing the complementaryinformation are advantageously used to modify the existing bearers andcombine them in a single D2D bearer between the first and second mobiletelephones 3-1 and 3-2.

Further, in the first scenario described above, the RRC ConnectionReconfiguration message for the first mobile telephone 3-1, i.e. themessage transmitted in step s511, may include the following information:

UE-to-UE radio bearer configuration={RBToMod=RBID_UE1, Radioconfiguration for D2D bearer}, AS Security configuration={Sharedparameter, AS CipheringAlgo}), NAS_PDU_UE1

This information includes the details of the radio bearer of the firstmobile telephone 3-1 to be modified (RBID_UE1), the radio configurationto be used on the (Uu) interface between the two mobile telephones 3-1and 3-2, the security configuration for the access stratum (AS Securityconfiguration), which includes, in this example, information related tothe shared parameter (i.e. the base1 value) and the ciphering algorithmto be used on the access stratum. The NAS PDU received in the precedingstep is also forwarded to the first mobile telephone 3-1 in thismessage.

Similarly, RRC Connection Reconfiguration message for the second mobiletelephone 3-2, i.e. the message transmitted in step s513, may includethe following complementary information:

UE-to-UE radio bearer configuration={RBToMod=RBID_UE2, Radioconfiguration for D2D bearer}, AS Security configuration={Sharedparameter, AS CipheringAlgo}), NAS_PDU_UE2

This information includes the details of the radio bearer of the secondmobile telephone 3-2 to be modified (RBID_UE2), the radio configurationto be used on the (Uu) interface between the two mobile telephones 3-1and 3-2, the security configuration for the access stratum (AS Securityconfiguration), which includes, in this example, information related tothe shared parameter (i.e the base2 value) and the ciphering algorithmto be used on the access stratum. The NAS PDU received in the precedingstep is also forwarded to the second mobile telephone 3-2 in thismessage.

In the third scenario described above, the E-RAB Setup Request for thefirst mobile telephone 3-1, i.e. the message transmitted in step s708,may include the following information:

MME UE1 S1AP ID, eNB UE1 S1AP ID, E-RAB to be modified list{E-RAB_UE1,E-RAB Level QoS parameters, E-RAB D2D ID, E-RAB D2D security info,NAS_PDU_UE1 (Activate Dedicated EPS bearer request(created TFT))}, inwhich the “created TFT” parameter specifies TFT_UE1: {destinationaddress =UE2 address (e.g. IP address)}.

Similarly, the E-RAB Setup Request for the second mobile telephone 3-2,e.g. the message transmitted in step s709, may include the followingcomplementary information:

MME UE2 S1AP ID, eNB UE2 S1AP ID, E-RAB to be modified list{E-RAB_UE2,E-RAB Level QoS parameters, E-RAB D2D ID, E-RAB D2D security info,NAS_PDU_UE2 (Activate Dedicated EPS bearer request (created TFT))}, inwhich the “created TFT” parameter specifies TFT_UE2: {destinationaddress=UE1 IP address (EG IP address)}.

Thus the two E-RAB Setup Requests containing the complementaryinformation create a D2D bearer between the first and second mobiletelephones 3-1 and 3-2.

The MME 9 also provides a security vector (security base value) to beused to protect communications using the device-to-device bearer in S1“E-RAB setup request” or in S1 “E-RAB modify request” and/or ciphering(and/or integrity) algorithm(s). The base station provides, in theRRCConnectionConfiguration message, configuration information for themobile telephones 3 to establish the D2D radio bearer and the securityinformation received from MME 9.

The RRCConnectionReconfiguration message may include a new InformationElement IE (as shown below) to configure for the creation/modificationof a D2D bearer (or it may reuse DRB-ToAdd Information Element orDRB-ToMod Information Element).

New D2D-ToAddMod:: = SEQUENCE { eps-BearerIdentity  INTEGER (0..15)OPTIONAL, -- Cond DRB-Setup drb-Identity DRB-Identity,pdcp-Config PDCP-Config OPTIONAL, -- Cond PDCP rlc-Config RLC-Config OPTIONAL,  -- Cond Setup logicalChannelIdentity INTEGER (3..10)OPTIONAL, -- Cond DRB-SetuplogicalChannelConfig LogicalChannelConfig OPTIONAL, -- Cond Setup ... }

The mobile telephone 3 generates the user plane key from the newsecurity vector received from MME 9 via the base station, its privateK_(ASME) key and a new Key Derivation Function thereof. If the D2D radiobearer configuration and security configuration are both complete, themobile telephone 3 informs the base station and in response the basestation releases the previous radio bearer it had with this mobiletelephone 3 and informs the MME of completion of the D2D bearer.

The MME 9 synchronizes the completion of the D2D bearer from both mobiletelephones 3. For example, if the D2D bearer of the first mobiletelephone 3-1 has failed to be set-up while the D2D bearer of secondmobile telephone 3-2 was successfully setup, then the MME 9 can recoverthe infrastructure path communication for the first mobile telephone3-1.

The MME 9 may provide the D2D security information either in GTP (GPRSTunnelling Protocol) “Create PDP Context request/response” or “UpdatePDP Context request/response”. In this regard the reader is referred to3GPP TS 29.060 for further details.

Modifications and Alternatives

Detailed embodiments have been described above. As those skilled in theart will appreciate, a number of modifications and alternatives can bemade to the above embodiments whilst still benefiting from theinventions embodied therein. By way of illustration only a number ofthese alternatives and modifications will now be described.

In addition to the above scenarios, there is also the scenario where thetwo mobile telephones 3 that are communicating with each other or thatwish to communicate with each other (and which meet the criteria forestablishing a D2D connection) are currently attached to different basestations 5 that are connected to different core networks 7. This mighthappen if, for example, the two mobile telephones are subscribed todifferent network operators. The operation of such an embodiment is verysimilar to that illustrated in FIGS. 6 and 8, except that there willalso be two MMEs 9 involved in the process. In particular, in this case,the two MMEs 9 will negotiate the base value (or at least negotiatewhich of the two MMEs will calculate the base value). The first MME 9will then calculate the base1 value for the mobile telephone associatedtherewith and the second MME 9 will calculate the base2 value for themobile telephone associated therewith. The first MME will then send theappropriate EPS Setup or Modify Request message towards its associatedmobile telephone and the second MME 9 will send the appropriate EPSSetup or Modify Request message towards its associated mobile telephone.The processing is then as shown in FIG. 6 or 8.

In the above embodiment, two mobile telephones were allowed to establisha D2D connection with each other. As those killed in the art willappreciate, D2D connections may be established between three or moremobile telephones, such that the users of the mobile telephones may beconnected together in a conference call setup.

Proximity information that indicates when two or more mobile telephonesare within radio range of each other (and hence suitable for a D2Dconnection) may be provided to the base stations by a node in orconnected to the core network or by the mobile telephones themselves.

The above embodiment has described a preferred way of generating sharedsecurity information and the preferred way of signalling that securityinformation to the mobile devices that will participate in the D2Dcommunication link. As those skilled in the art will appreciate, othersignalling messages may be used to carry the shared security informationtowards the respective user devices. For example, in the abovescenarios, the security information is transmitted between the MME andthe base station using the E-RAB Modify Request or the E-RAB SetupRequest, and between the base station and the mobile telephone using theRRC Connection Reconfiguration message. It will be appreciated that thesecurity information can be transmitted in any part of the abovemessages, for example, in the NAS PDU specific for the mobile telephone.It will be further appreciated that the security information can betransmitted using either a Modify EPS Bearer Context Request or anActivate Dedicated EPS Bearer Request, which might be included in theNAS PDU or might be sent separately. Alternatively, the securityinformation might be provided using a different procedure, such as in aGPRS Tunnelling Protocol (GTP) message, for example the “Create PDPContext Request” or the “Create PDP Context Response”.

In the above embodiments, the mobile telephones are cellular telephones.Other types of user devices such as, for example, personal digitalassistants, laptop computers, web browsers, etc could be used.

Although as described above the mobility management entity generates thecommon shared security base value, this base value may be generated byanother network device, such as the home subscriber server, or adedicated security base value generation network entity.

Although the setting up of D2D communication paths have been describedbetween mobile telephones within the same communications network, theD2D communication paths according to the invention may be set up betweenmobile telephones located in different communications networks. In thiscase, the mobility management entities (and in some cases the basestations) for the respective mobile telephones are also located indifferent networks.

In the above description, the mobility management entity 9, the basestation 5, and the mobile telephones 3 are described for ease ofunderstanding as having a number of discrete functional components ormodules. Whilst these modules may be provided in this way for certainapplications, for example where an existing system has been modified toimplement the invention, in other applications, for example in systemsdesigned with the inventive features in mind from the outset, thesemodules may be built into the overall operating system or code and sothese modules may not be discernible as discrete entities.

In the above embodiments, a number of software modules were described.As those skilled in the art will appreciate, the software modules may beprovided in compiled or un-compiled form and may be supplied to themobility management entity or to the base station or to the mobiletelephone as a signal over a computer network, or on a recording medium.Further, the functionality performed by part or all of this software maybe performed using one or more dedicated hardware circuits. However, theuse of software modules is preferred as it facilitates the updating ofthe mobility management entity 9, the base stations 5 and the mobiletelephones 3 in order to update their functionalities.

Various other modifications will be apparent to those skilled in the artand will not be described in further detail here.

For example, the present invention can be materialized by a program forcausing a computer such as a CPU (Central Processing Unit) to executethe processes shown in FIGS. 5 to 8.

The program can be stored and provided to a computer using any type ofnon-transitory computer readable media. Non-transitory computer readablemedia include any type of tangible storage media. Examples ofnon-transitory computer readable media include magnetic storage media(such as floppy disks, magnetic tapes, hard disk drives, etc.), opticalmagnetic storage media (e.g. magneto-optical disks), CD-ROM, CD-R(compact disc recordable), CD-R/W (compact disc rewritable), andsemiconductor memories (such as mask ROM, PROM (programmable ROM), EPROM(erasable PROM), flash ROM, RAM (random access memory), etc.). Theprogram may be provided to a computer using any type of transitorycomputer readable media. Examples of transitory computer readable mediainclude electric signals, optical signals, and electromagnetic waves.Transitory computer readable media can provide the program to a computervia a wired communication line (e.g. electric wires, and optical fibers)or a wireless communication line.

This application is based upon and claims the benefit of priority fromUnited Kingdom Patent Application No. 1205803.8, filed on Mar. 30, 2012,the disclosure of which is incorporated herein in its entirety byreference.

Glossary of 3GPP Terms D2D—Device to Device

eNB—Evolved NodeB, E-UTRAN base station

EPC—Evolved Packet Core EPS—Evolved Packet System E-UTRA—Evolved UMTSTerrestrial Radio Access E-UTRAN—Evolved UMTS Terrestrial Radio AccessNetwork HSS—Home Subscriber Server LTE—Long Term Evolution (of UTRAN)MME—Mobility Management Entity NAS—Non-Access-Stratum OAM—Operation AndMaintenance P-GW—PDN Gateway (E-)RAB—(EPS-) Radio Access BearerRRC—Radio Resource Control

S1-MME—S1 for the control planeS1-U—S1 for the user plane

S-GW—Serving Gateway TFT—Traffic Flow Template UE—User EquipmentINDUSTRIAL APPLICABILITY

The present invention can be applied to a communications system and toparts and methods thereof. The invention can be particularly but notexclusively applied to wireless communications systems and devicesthereof operating according to the 3GPP standards or equivalents orderivatives thereof.

REFERENCE SIGNS LIST

-   1 COMMUNICATIONS NETWORK-   3 (3-1, 3-2, 3-3) MOBILE TELEPHONE-   5 (5-1, 5-2) BASE STATION-   7 CORE NETWORK-   8 SERVING GATEWAY-   9 MOBILITY MANAGEMENT ENTITY-   10 PACKET DATA NETWORK GATEWAY-   11, 51, 71 TRANSCEIVER CIRCUIT-   13 BASE STATION INTERFACE-   15, 55 CORE NETWORK INTERFACE-   17, 57, 77 CONTROLLER-   19, 59, 79 MEMORY-   21, 61, 81 OPERATING SYSTEM-   23 D2D MONITORING MODULE-   25 D2D SETUP MODULE-   27 SECURITY FUNCTION MODULE-   29 D2D COMPLIANCE MODULE-   53, 73 ANTENNA-   63, 83 COMMUNICATIONS CONTROL MODULE-   65, 85 D2D CONTROL MODULE-   67, 87 SECURITY MODULE-   A, B D2D CONNECTION

What is claimed:
 1. A core network for a mobile communication system, the core network comprising: a processor; and a memory storing instructions executable by the processor, wherein the instructions are configured to, if executed by the processor, cause the core network to: determine whether a first user equipment (UE) and a second UE can support a direct device to device communications link, provide security information that is common to the first UE and the second UE and from which the first UE and the second UE can derive a security key for protecting user plane traffic sent over the direct device to device communications link, provide security algorithm information for encrypting traffic in the direct device to device communications link, send the common security information to the first UE in a first message, and send the common security information to the second UE in a second message.
 2. A user equipment (UE) for a mobile communication system that includes a core network that determines whether the UE can support a direct device to device communications link, the UE comprising: a processor; and a memory storing instructions executable by the processor, wherein the instructions are configured to, if executed by the processor, cause the UE to: receive, from the core network, security information that is common to the UE and another UE and from which the UE and the another UE can derive a security key for protecting user plane traffic sent over a direct device to device communications link, and security algorithm information for encrypting traffic in the direct device to device communications link, derive, using the received security information, the security key for protecting user plane traffic, establish the direct device to device communications link with the another UE, and protect user plane traffic sent over the direct device to device communications link using the derived security key and using said security algorithm information.
 3. A communication control method for a core network for a mobile communication system, the communication control method comprising: determining whether a first user equipment (UE) and a second UE can support a direct device to device communications link; providing security information that is common to the first UE and the second UE and from which the first UE and the second UE can derive a security key for protecting user plane traffic sent over the direct device to device communications link; providing security algorithm information for encrypting traffic in the device to device communications link; sending the common security information to the first UE in a first message; and sending the common security information to the second UE in a second message.
 4. A communication control method for a user equipment (UE) for a mobile communication system that includes a core network that determines whether the UE can support a direct device to device communications link, the communication control method comprising: receiving, from the core network, security information that is common to the UE and another UE and from which the UE and the another UE can derive a security key for protecting user plane traffic sent over a direct device to device communications link, and security algorithm information for encrypting traffic in the direct device to device communications link; deriving, using the received security information, the security key for protecting user plane traffic; establishing the direct device to device communications link with the another UE; and protecting user plane traffic sent over the direct device to device communications link using the derived security key and using said security algorithm information. 